IEC104 communication access control method

An access control technology for the control domain, applied in digital transmission systems, electrical components, transmission systems, etc. It addresses the problem that traditional firewalls cannot identify spoofing attacks and therefore cannot prevent them, achieving the effect of preventing such attacks.

Inactive Publication Date: 2017-07-25
UNIV OF ELECTRONICS SCI & TECH OF CHINA

AI Technical Summary

Problems solved by technology

Because the data packets of spoofing attacks conform to the IEC 60870-5-104 protocol rules, traditional firewalls cannot recognize them and therefore cannot prevent such attacks.



Embodiment

[0034] Figure 1 is the IEC 60870-5-104 communication topology diagram.

[0035] In this example, as shown in Figure 1, the IEC 60870-5-104 communication topology includes a master station and multiple sub-stations. Adding communication access control between the master station and the sub-stations can effectively prevent attacks.

[0036] An IEC 60870-5-104 communication access control method of the present invention is described in detail below with reference to Figure 1. As shown in Figure 3, it includes the following steps:

[0037] S1, capture data packets

[0038] As shown in Figure 2, an Ethernet packet capture tool is used between the master station and the slave station to capture IEC 60870-5-104 data packets according to the IEC 60870-5-104 protocol port, so that the configured access control eliminates data packets that are not IEC 60870-5-104 protocol packets; in this embodiment, the IEC 60870-5-104 data packet is captured through the port 2404 of the IEC 60870-5-104 p...


Abstract

The invention discloses an IEC 60870-5-104 communication access control method. The method comprises the following steps: extracting the first bit of a control field first octet, the second bit of the control field first octet, and the first bit of the control field third octet which are in an IEC 60870-5-104 protocol, a type identifier and a transmission reason as features, learning a specific combination of above features by use of a neural network, thereby obtaining a standard matching rule for access control; and then preprocessing a captured data packet to obtain a to-be-detected sequence, matching the obtained sequence with the standard matching rule to judge whether the data packet is allowed to pass, thereby finishing the IEC 60870-5-104 communication access control.
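The feature extraction and rule matching described in the abstract, as an added example that is not code from the patent: it pulls the five named features out of an APDU and checks the resulting sequence against a rule set. The patent learns its rules with a neural network; the hand-written `POLICY` allowlist here is a stand-in assumption, the sample frames are constructed, and "transmission reason" is read as the ASDU cause-of-transmission field.

```python
START = 0x68  # start octet of every IEC 60870-5-104 APDU

def extract_features(apdu: bytes):
    """Return (cf1_bit1, cf1_bit2, cf3_bit1, type_id, cot), or None if malformed.

    Bit 1 is the least significant bit, as in IEC 60870-5 numbering.
    type_id and cot are None for S- and U-format frames (no ASDU).
    """
    if len(apdu) < 6 or apdu[0] != START or apdu[1] != len(apdu) - 2:
        return None
    cf1, cf3 = apdu[2], apdu[4]
    b1, b2, b3 = cf1 & 1, (cf1 >> 1) & 1, cf3 & 1
    if b1 == 0:  # I-format: ASDU follows the four control octets
        asdu = apdu[6:]
        if len(asdu) < 6:  # type id, VSQ, 2-octet COT, 2-octet common address
            return None
        return (b1, b2, b3, asdu[0], asdu[2] & 0x3F)  # low 6 bits = cause
    if len(apdu) != 6:  # S- and U-format APDUs are control field only
        return None
    return (b1, b2, b3, None, None)

# Stand-in for the learned rules (assumption, not from the patent):
# permitted type id -> permitted causes of transmission.
POLICY = {1: {3, 20}, 13: {3, 20}, 100: {6, 7, 10}}
ALLOWED = {(1, 0, 0, None, None), (1, 1, 0, None, None)}  # S- and U-format
# In I-format, octet 1 bit 2 is the low bit of the send sequence number,
# so both values occur in legitimate traffic.
ALLOWED |= {(0, b2, 0, t, c)
            for t, cots in POLICY.items() for c in cots for b2 in (0, 1)}

def allow(apdu: bytes, rules=ALLOWED) -> bool:
    """Pass a packet only if its feature sequence matches a rule."""
    feats = extract_features(apdu)
    return feats is not None and feats in rules

# Constructed sample frames (hex), not captured traffic.
SAMPLES = {
    "u_startdt_act": "680407000000",
    "i_single_point_spontaneous": "680e00000000" "010103000100" "01000001",
    "i_single_command_activation": "680e00000000" "2d0106000100" "01000001",
    "bad_start_octet": "690407000000",
}

if __name__ == "__main__":
    for name, hx in SAMPLES.items():
        frame = bytes.fromhex(hx)
        print(name, extract_features(frame), "PASS" if allow(frame) else "DROP")
```

The single-command frame is well-formed IEC 60870-5-104, which is why a port-based filter passes it; it is dropped here only because its type identification and cause are not in the rule set.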

Description

Technical field

[0001] The invention belongs to the technical field of industrial control information security, and more specifically relates to an IEC 60870-5-104 communication access control method.

Background technique

[0002] The IEC 60870-5-104 network transmission protocol is an international standard protocol, which is mainly used in the data communication between the computer monitoring system of the power system substation or the substation RTU (remote terminal control system) and the main station SCADA system. The security of the IEC 60870-5-104 protocol is very important to the power system.

[0003] However, IEC 60870-5-104 is an open protocol, its message structure and data format are public, and without sufficient security measures, there are potential security risks. Attackers can use the IEC 60870-5-104 protocol rules for deceptive attacks, for example, during the transmission of IEC 60870-5-104 protocol messages, attackers can use data packets that conform...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/24
Inventor: 辛晓帅, 王斌, 邹见效, 何建
Owner: UNIV OF ELECTRONICS SCI & TECH OF CHINA